A quiet rollout for FEMA 2.0

Two and a half years after Hurricane Katrina
revealed the weaknesses in the Federal
Emergency Management Agency's performance,
the agency is quietly embarking on its
most ambitious overhaul of information technology
software.

FEMA's enterprise IT project is a multiyear
program expected to cost at least $1 billion,
according to Input Inc., a market
research firm in Reston, Va.
Several other industry and government
sources have confirmed
that estimate.

The Enterprise Application
Development Integration and
Sustainment (EADIS) program
will create an integrated computer
environment for operating
FEMA's many programs, including
disaster assistance, preparedness
grants distribution and individual assistance.
It will develop a common enterprise
architecture and software for FEMA's major
IT systems.

However, some insiders question the value
of launching such a far-reaching project in the
final year of a presidential administration and
after the recent resignation of Anthony Cira,
FEMA's chief information officer. The new
program is proceeding without much fanfare,
and it is too early to know whether this understated
approach will be effective in moving it
to completion.

"FEMA does not have the luxury of not
updating," said George Foresman, former
undersecretary of preparedness at the
Homeland Security Department.

Observers question how effectively FEMA is
consulting with other stakeholders and how a
new IT architecture will affect FEMA's role in
future disaster response.

But there is overall support in the field for
FEMA's efforts to improve its IT systems and a
belief that such work is long overdue. FEMA
has been operating on aging systems for many
years. Those shortcomings contributed
to failures in responding
to Hurricane Katrina, according
to an April 2006 report by
DHS Inspector General Richard
Skinner.

"FEMA was in need of an
upgrade in 2003 when it joined
DHS," and the need has grown
since then, said Kenneth Burris,
FEMA's former chief operating
officer, who retired in 2006. He
became COO at the Washington-based consulting
firm James Lee Witt Associates last
year.

In the past five years, demand for a modern
IT infrastructure at FEMA has increased.
More people depend on the agency since
Katrina, despite its well-publicized stumbles.
"There is a critical need for FEMA to meet
expectations," Burris said.

The EADIS contract is to be awarded under
the Enterprise Applications Gateway for
Leading Edge Solutions procurement vehicle.
Bids from contractors were due Jan. 18. DHS
is expected to narrow the competition to two
bidders shortly.

HEAVY BIDDERS

According to industry insiders,
General Dynamics Corp., IBM
Corp., Lockheed Martin Corp. and
Science Applications International
Corp. have submitted bids, but
that information could not be fully
confirmed.

Cira, who was spearheading EADIS,
announced his resignation Jan. 28. He declined
to comment, citing confidentiality rules.
"We are wondering whether someone else at
FEMA will became the champion for this
project or whether the FEMA old guard will
take over," one contractor said.

But others say EADIS is far enough along
to survive without Cira's involvement. "At this
stage of procurement, it is likely to have
momentum behind it," said Jeremy Potter,
senior homeland security analyst at Input.

FEMA has been operating on piecemeal,
overstretched IT systems for many years.
Despite several partial overhauls, the current
systems are not integrated and do not always
work well together, Burris and others say.
For example, FEMA's system for intake of
disaster assistance applications was designed
to handle a maximum of about 50,000 applications
per day, Burris said. After Katrina,
millions of people filed applications in a short
time. Upgrading that system is likely to cost
$175 million, Burris said, based on estimates
developed when he was at FEMA in 2006.

"Definitely, there is a need for a significant
repair to that system," he said.

Similarly, FEMA's existing financial management
IT systems are not fully integrated with its systems for tracking purchase orders
and procurements, Burris said. Those problems
have been addressed in an ad hoc fashion
for years, but there needs to be an enterprise
IT system to integrate them to be fully effective,
he added.

Also, the National Emergency Management
Information System is expected to be updated
and folded into the enterprise IT project,
according to industry sources. The NEMIS
database is a core program for FEMA
response and recovery.

FEMA intended to tackle some of the IT
integration issues when it became part of
DHS. But it was stymied in part by requests
from the new organization to hold off on
major IT system updating until DHS could
overhaul its central IT system and put together
a new enterprise architecture, Burris said.
But DHS appears to have changed its strategy
in the past year and is now encouraging
agency IT enterprise architecture improvements,
including FEMA's EADIS program, to
move forward, he added.

But Foresman said FEMA's
own maturation since Katrina has been equally
important in spurring the IT overhaul. In
addition, the agency has been able to get a
clearer vision for its enterprise architecture
needs through exposure to other DHS agencies
and headquarters that are also installing
modern IT systems, he said. "I think FEMA
has benefited with its engagement with U.S.
Citizenship and Immigration Services,
Customs and Border Protection, and [U.S.
Visitor and Immigrant Status Indicator
Technology]. It has helped creative a positive
IT environment."

PRESSING POLICY MATTERS

Still, some FEMA policy issues need addressing.
For one, there is the question of whether
FEMA needs to more fully engage with state
and local stakeholders as it develops new IT
architecture. That could be important to avoid
problems such as those experienced by the DHS
Homeland Security Information Network.

DHS recently shut down that network
because it replicated other available networks.
The duplication arose, in part, due
to a lack of early coordination with state
and local agencies as the network was
being developed, according to reports
from the department's Office of the
Inspector General.

"The knowledge of what to do in emergencies
does not reside solely within the
National Capital Region," Foresman said.
"We would very much appreciate being contacted
by FEMA so the state emergency managers
could provide input, as their customers,
on the IT systems that interface with the states,"
said Kristin Cormier Robinson, director of government
relations at the National Emergency
Management Association.

Also, some wonder how accomodating
FEMA's new enterprise architecture will be to
future technologies and standards. The key
issue is whether FEMA will provide a standard
template for disaster communications or
a more open IT architecture that can be adapted
more flexibly to different types of disasters.

Art Botterell ? a former FEMA official and
one of the authors of the Common Alerting
Protocol emergency messaging standard
developed by volunteers and now used by
FEMA and other federal, state and local agencies
? posed a series of questions about
FEMA's plan. "Will it provide more options in
the future, or will it merely lock FEMA into a
new generation of proprietary interfaces?" he
asked.

Alice Lipowicz (alipowicz@1105govinfo.com) is a
staff writer at Washington Technology.